Credit Fraud Due To Outsourcing
Posted on: Friday, 3 October 2008, 08:35 CDT
According to data investigators at Verizon Communications Inc, the dependence of restaurant chains and retail stores on outside companies handling basic information-technology functions is at fault for an outbreak of consumer data violations in the last few years.
Even a string with thousands of restaurants involved might have a paltry 100 employees in the information technology field. As a result, they use outside vendors for many IT needs, stated Bryan Sartin, director of the investigative response team at Verizon Business.
"What happens is there's a lack of accountability on the third party," Sartin said.
Verizon investigates a quarter to a third of the large, visible cases announced to the public that take place each year, as well as hundreds of less significant cases.
Recently, restaurants and retail businesses have been responsible for half of Verizon's 230 to 250 cases annually. A study released Thursday discovered that insiders at several service vendors are involved in the crimes.
According to Sartin, organized data-stealing crews "go to the call centers, the Web development companies, the content development companies, the business partners, the people who pick up the backup tapes.”
"They say ... if you hate your boss and you're in financial straits, we're your solution. Give us access to your customers. Better yet, give us your data."
In a characteristic case Sartin was working on, a hefty oil company in Canada that owned thousands of gas stations drew in the team. After awhile, customers were discovering false charges on their credit cards following their use at the gas station.
The team soon came to the conclusion that someone at a technology vendor was to blame, but could not catch them. The investigators set a trap in the system to ensnare the culprit.
"The trap went off on Saturday morning," Sartin said. "Hackers always think nobody's looking on Saturday mornings."
Police were sent to the vendor's office, and the 21 year old who maintained the software that controlled the gas pumps turned out to be the offender. He had also put up for sale lists of customer data to organized crime.
However, several infractions don't only occur through outsourcing. In possibly the biggest case in the last few years, the gang that ripped off about 41 million credit and debit card numbers from large chains including TJX Cos. acquired access from unsecured wireless networks, not subcontractors' systems.
Verizon's report still recommends companies to keep a close eye on contractors, as well as limiting partners' access to simply the data they need.
---
On the Net:
Source: redOrbit Staff & Wire Reports
Related Articles
- VGX Announces Publication of Preclinical Data for the Company's Avian Flu Vaccine Candidate in PLoS ONE Journal
- The New Internet Access In Japan Industry Profile Is An Essential Resource For Top-Level Data And Analysis Covering The Internet Access Industry
- Subcontractors for Verizon Jailed in Immigration Case
- Internet Access in Canada Industry Profile Is an Essential Resource for Top-Level Data and Analysis Covering the Internet Access Industry
- New Internet Access in France - Industry Profile is an Essential Resource for Top-Level Data and Analysis Covering the Internet Access Industry
- Latest Internet Access in China Industry Profile is an Essential Resource for Top-Level Data and Analysis Covering the Internet Access Industry
- Research and Markets: Verizon Communications Company Intelligence Report Outlines the Companys Recent Activities and Corporate Strategy, and Provides Essential Financial Performance Data and Contact Details
- Conservation Components of Chattanooga Gas Company's Rate Case Filing to Benefit Customers
- Data Security Management Company Acquires Another Stamford, Conn., Firm
- Southern Company Gas Plans to Sell Georgia Assets to Electricity Provider
 |
 |
User Comments (0)
RSS Feeds